17 December 2014

On the need for an open source smartphone

Threatpost is reporting on Palo Alto Networks' discovery of a backdoor on an Android phone sold primarily in the Chinese and Taiwan markets that allows the vendor (and ostensibly anyone approved
by or who impersonates the vendor) to take over your phone.

Whether there is any hyperbole in this or not, it's clear that what they describe could very easily be done. And it thus underscores why we need a fully open source smartphone platform that puts the user in control. A solution that's effectively open only for vendors or leaves the last mile closed (i.e., drivers) just isn't good enough.

Once we have the software solved, we can move on to building hardware that's open in the critical areas. But let's start with the easier to solve software problem. With just the smallest help from manufacturers, we could have this problem solved yesterday.